def get_queryset(self):
if has_permissions_to(self.request, 'view_tasks'):
# init
param_user_tasks = None
# get user_role
user_role = self.request.user.groups.first().name
# get all users tasks by user_id
if self.request.user.is_superuser or user_role == 'ADMIN':
param_user_tasks = Tasks.objects.all().filter(
annotator=self.kwargs['user_id'])
elif user_role == 'PM' or user_role == 'PROJECT_MANAGER':
param_user_tasks = Tasks.objects.all().filter(
annotator=self.kwargs['user_id'],
created_by=self.request.user.id)
elif user_role == 'ANNOTATOR' or user_role == 'GUEST':
# if the current user wants to see his own tasks
if self.kwargs['user_id'] == self.request.user.id:
param_user_tasks = Tasks.objects.all().filter(
annotator=self.kwargs['user_id'], is_active=True)
return param_user_tasks
else:
raise PermissionDenied
def get_queryset(self):
if has_permissions_to(self.request, 'view_projects'):
param_user_projects = None
my_projects = []
# get user_role
user_role = self.request.user.groups.first().name
# get all users projects by user_id
if user_role == 'ADMIN':
param_user_projects = Projects.objects.all().order_by(
'-updated_at')
elif user_role == 'PM' or user_role == 'PROJECT_MANAGER':
param_user_projects = Projects.objects.all().filter(
created_by=self.request.user.id).order_by('-updated_at')
elif user_role == 'ANNOTATOR' or user_role == 'GUEST':
# if the current user can see only his own tasks - projects
user_tasks = Tasks.objects.all().filter(
annotator=self.request.user.id,
is_active=True).order_by('-updated_at')
for task in user_tasks:
my_projects.append(task.project.id)
param_user_projects = Projects.objects.all().filter(
is_active=True, id__in=my_projects).order_by('-updated_at')
return param_user_projects
# return self.queryset
else:
raise PermissionDenied
def get_queryset(self):
if has_permissions_to(self.request, 'view_tasks'):
# init
param_user_tasks = None
# get user_role
user_role = self.request.user.groups.first().name
# get all users tasks by user_id
if user_role == 'ADMIN':
param_user_tasks = Tasks.objects.all().order_by('-updated_at')
elif user_role == 'PM' or user_role == 'PROJECT_MANAGER':
param_user_tasks = Tasks.objects.all().filter(
created_by=self.request.user.id).order_by('-updated_at')
elif user_role == 'ANNOTATOR' or user_role == 'GUEST':
# if the current user wants to see his own tasks
# changed by Omri 23.7.17 to include demo tasks
param_user_tasks = (Tasks.objects.all().filter(
is_demo=True,
is_active=True,
status=Constants.TASK_STATUS_JSON['SUBMITTED']
).order_by('-updated_at') | Tasks.objects.all().filter(
annotator=self.request.user.id,
is_active=True).order_by('-updated_at')).distinct()
#param_user_tasks = Tasks.objects.all().filter(annotator=self.request.user.id, is_active=True).order_by('-updated_at')
return param_user_tasks
else:
raise PermissionDenied
def create(self, request, *args, **kwargs):
if has_permissions_to(self.request, 'add_projects'):
ownerUser = self.request.user
request.data['created_by'] = ownerUser
return super(self.__class__, self).create(request)
else:
raise PermissionDenied
def get_queryset(self):
if has_permissions_to(self.request, 'view_projects'):
# init
param_user_tasks = None
projects_set = []
# get user_role
user_role = self.request.user.groups.first().name
# get all users tasks by user_id
if self.request.user.is_superuser or user_role == 'ADMIN':
param_user_tasks = Tasks.objects.values(
'project_id', 'annotator_id',
'created_by').filter(annotator=self.kwargs['user_id'])
elif user_role == 'PM' or user_role == 'PROJECT_MANAGER':
param_user_tasks = Tasks.objects.values(
'project_id', 'annotator_id',
'created_by').filter(annotator=self.kwargs['user_id'],
created_by=self.request.user.id)
if param_user_tasks is not None:
# group by project_id
user_tasks = param_user_tasks.annotate(Count('project_id'))
for ut in user_tasks:
projects_set.append(
Projects.objects.get(pk=ut['project_id']))
return projects_set
else:
raise PermissionDenied
def destroy(self, request, *args, **kwargs):
if has_permissions_to(self.request, 'delete_sources'):
try:
return super(self.__class__, self).destroy(request)
except ProtectedError:
raise DependencyFailedException
else:
raise PermissionDenied
def create(self, request, *args, **kwargs):
if has_permissions_to(self.request, 'add_tasks'):
ownerUser = self.request.user
request.data['created_by'] = ownerUser
request.data['status'] = Constants.TASK_STATUS_JSON['NOT_STARTED']
return super(self.__class__, self).create(request)
else:
raise PermissionDenied
def destroy(self, request, *args, **kwargs):
if has_permissions_to(self.request, 'delete_users'):
instance = self.get_object()
User.objects.get(pk=instance.id).delete()
self.perform_destroy(instance)
return Response(status=status.HTTP_204_NO_CONTENT)
else:
raise PermissionDenied
def update(self, request, *args, **kwargs):
if (kwargs['save_type'] not in Constants.SAVE_TYPES):
raise SaveTypeDeniedException
if has_permissions_to(self.request, 'change_tasks'):
self.context = dict(kwargs)
#self.context['status'] = 'ONGOING'
return super(self.__class__, self).update(request)
else:
raise PermissionDenied
def create(self, request, *args, **kwargs):
if has_permissions_to(self.request, 'add_layers'):
ownerUser = self.request.user
request.data['created_by'] = ownerUser
if 'created_at' in request.data:
request.data.pop('created_at')
return super(self.__class__, self).create(request)
else:
raise PermissionDenied
def get_queryset(self):
if has_permissions_to(self.request,'view_users'):
param_user_details = None
# get user_role
user_role = self.request.user.groups.first().name
if user_role == 'GUEST':
param_user_details = Users.objects.all().order_by('-updated_at')
# if the current user wants to see his own tasks
param_user_details = Users.objects.all().filter(id=self.request.user.id, is_active=True)
else:
param_user_details = Users.objects.all().order_by('-updated_at')
return param_user_details
else:
raise PermissionDenied
def create(self, request, *args, **kwargs):
if has_permissions_to(self.request, 'add_users'):
context = {
'request': self.request
}
ownerUser = request.user
djangoUser = User()
djangoUser.email = request.data['email']
djangoUser.first_name = request.data['first_name']
djangoUser.last_name = request.data['last_name']
djangoUser.username = request.data['first_name'] + get_random_string(length=8)
random_password = User.objects.make_random_password()
djangoUser.set_password(random_password)
Users.validate_email_unique(djangoUser.email)
djangoUser.save()
send_invite_email(inviterName=self.request.user.first_name, toEmail=djangoUser.email, password=random_password)
newUser = Users()
newUser.id = djangoUser.pk
newUser.user_auth = djangoUser
newUser.first_name = request.data['first_name']
newUser.last_name = request.data['last_name']
newUser.email = request.data['email']
newUser.organization = request.data['organization']
newUser.affiliation = request.data['affiliation']
newUser.role = Roles.objects.get(id=request.data['role']['id'])
newUser.set_group(newUser.id, newUser.role.name)
newUser.created_by = ownerUser
newUser.save()
userSerialiser = UsersSerializer(newUser,context=context)
res = {
"result": userSerialiser.data
}
return Response(res)
else:
raise PermissionDenied
def update(self, request, *args, **kwargs):
if has_permissions_to(self.request, 'change_users'):
partial = kwargs.pop('partial', False)
instance = self.get_object()
new_role = Roles.objects.get(id=request.data['role']['id'])
request.data['role'] = {
'id': new_role.id,
'name': new_role.name
}
# Roles.objects.get(id=request.data['role']['value'])
serializer = self.get_serializer(instance, data=request.data, partial=partial)
serializer.is_valid(raise_exception=True)
self.perform_update(serializer)
if getattr(instance, '_prefetched_objects_cache', None):
# If 'prefetch_related' has been applied to a queryset, we need to
# refresh the instance from the database.
instance = self.get_object()
serializer = self.get_serializer(instance)
return Response(serializer.data)
else:
raise PermissionDenied
def update(self, request, *args, **kwargs):
if has_permissions_to(self.request, 'change_sources'):
return super(self.__class__, self).update(request)
else:
raise PermissionDenied
def get_queryset(self):
if has_permissions_to(self.request, 'view_sources'):
return self.queryset
else:
raise PermissionDenied
